Krzysztof Jackiewicz [Wed, 22 Mar 2023 08:48:31 +0000 (09:48 +0100)]
Key unwrapping implementation in TZ backend
Change-Id: I1ada1788c7f436b9cdd22cc7734eb3ab0159c544
Dariusz Michaluk [Fri, 31 Mar 2023 10:14:39 +0000 (12:14 +0200)]
Change code formatting in import/export wrapped key
Change-Id: If8932f5f9b3a1f2cdb2003895b348b89b7a15321
m.ksiezak [Thu, 16 Mar 2023 10:56:02 +0000 (11:56 +0100)]
Implementation of ckmc_export_wrapped_key
Change-Id: I2769be74b1ad3d76537d31bc3f7ac4659946029f
m.ksiezak [Fri, 17 Feb 2023 13:57:55 +0000 (14:57 +0100)]
Implementation of ckmc_import_wrapped_key
Change-Id: Ic8d2a865de2a705d39a4de06e9b91de5a6f30ef5
Krzysztof Jackiewicz [Tue, 28 Mar 2023 16:16:18 +0000 (18:16 +0200)]
Use new types in key derivation
Change-Id: I379f6a1c53c278c0adbaa71269b6232176601769
Krzysztof Jackiewicz [Tue, 28 Mar 2023 10:48:12 +0000 (12:48 +0200)]
isSKey mistake counter + a refactoring promise
Change-Id: I9fd0a98db92c8c0a6c2c7091fc9da22d0325b16a
Krzysztof Jackiewicz [Thu, 23 Mar 2023 08:19:41 +0000 (09:19 +0100)]
Simplify DB::Row/Token extraction
For wrapped key export we need to pass 1 object to be wrapped by
another. GObjUPtr is insufficient as it loses information about the
specific type. We'll need that info in TZ backend.
The wrapping API can then be made to look as follows:
RawBuffer GObj::wrap(const CryptoAlgorithm &params,
const Token &keyToWrap,
const Password &keyToWrapPass);
Change-Id: Ifeea08cbef43c6e86c067e37c68627d6b819bfcf
Krzysztof Jackiewicz [Mon, 27 Mar 2023 10:47:45 +0000 (12:47 +0200)]
Enable EC key pair generation in TZ backend
Until now, the decider was redirecting such requests to SW backend at
all times.
Change-Id: Ibbda55fa8ecdb3b5b8b3803754bfbf226a612704
Krzysztof Jackiewicz [Fri, 24 Mar 2023 15:52:05 +0000 (16:52 +0100)]
Make unpack a static GStore method
Needed for key wrapping.
Change-Id: I1ac65d92176237d61719944f7eb1688588c67117
Krzysztof Jackiewicz [Wed, 22 Mar 2023 08:15:34 +0000 (09:15 +0100)]
Replace 'virtual' with 'override' in TZ Store
Change-Id: I5a5406be8a4e8f3429ddb18cc9603a8647ec66a2
Krzysztof Jackiewicz [Thu, 16 Mar 2023 11:45:45 +0000 (12:45 +0100)]
Key derivation in TZ backend
Change-Id: I76a9b93d0e2deb82724ba941b97dcc4c995b08d7
Krzysztof Jackiewicz [Tue, 21 Mar 2023 07:34:49 +0000 (08:34 +0100)]
Implement EC key pair generation in TZ backend
Change-Id: Id1199d174146dfeb7b75081783dca90624fe12de
Krzysztof Jackiewicz [Fri, 24 Mar 2023 16:01:55 +0000 (17:01 +0100)]
Remove unused function
Change-Id: I157503be4e191edc35c12453d0b780c8d1ed466b
Krzysztof Jackiewicz [Mon, 20 Mar 2023 09:41:57 +0000 (10:41 +0100)]
TZ backend helpers
Change-Id: I4d81f000ca130a468352c31060608d9c78b771ce
Krzysztof Jackiewicz [Mon, 20 Mar 2023 12:32:40 +0000 (13:32 +0100)]
Use proper constant in TZ data import
Change-Id: I4510a29f1bb8d8dfc2216199465cd2a76701ddb6
Krzysztof Jackiewicz [Fri, 20 Jan 2023 19:41:55 +0000 (20:41 +0100)]
Add ECDH+KBKDF example
Add an ECDH+KBKDF example in the form of a doxygen snippet. The code used in it is
compiled together with the project.
Disclaimer:
I don't know how to generate Tizen API documentation. Based on other projects
I made the assumption that doxygen's EXAMPLE_PATH points to the doc subdirectory.
With such an assumption, vanilla doxygen generates the code snippet properly.
Change-Id: I7cdc98ff204238be0ad2440a8816ed53a61e7efc
Krzysztof Jackiewicz [Mon, 13 Feb 2023 09:10:39 +0000 (10:10 +0100)]
KBKDF HMAC implementation in sw backend
Unit tests included
Change-Id: If4287b38c61fe3842024c5e7baf4934685f92566
Krzysztof Jackiewicz [Fri, 10 Feb 2023 15:02:15 +0000 (16:02 +0100)]
Custom KBKDF HMAC implementation
There's no KBKDF support in openssl1.1. Added an implementation based on the
NIST spec, the openssl3.0 KBKDF implementation (as a reference) and
openssl1.1 HMAC.
Test vector validation included (supported PRFs only)
Change-Id: If1dc6070e8e8fc35582876c6fd4b4be4497c7de4
Krzysztof Jackiewicz [Thu, 9 Feb 2023 08:11:02 +0000 (09:11 +0100)]
Sw backend ECDH implementation
Unit tests included
Change-Id: I8e91ebbba587451e3b96212d7e74a3585e480702
Krzysztof Jackiewicz [Thu, 9 Feb 2023 08:59:15 +0000 (09:59 +0100)]
Make pack() a SW Store's static method
This is necessary to let the SW object pack a newly derived key/secret.
Change-Id: Ib9cb635e384ae3dfcee7cf4c60cbea80d2c86861
Krzysztof Jackiewicz [Wed, 1 Feb 2023 16:00:34 +0000 (17:00 +0100)]
Key derivation implementation: client & server
Client and server part (no implementation in backend)
Change-Id: I38d9be59b2c07ed59b61374f461383b58e4c98d0
Krzysztof Jackiewicz [Fri, 17 Mar 2023 09:18:09 +0000 (10:18 +0100)]
Remove API doc leftover
Change-Id: I2b28fa37206b72adb6d68255305718508ab2d70d
Krzysztof Jackiewicz [Tue, 14 Mar 2023 12:35:17 +0000 (13:35 +0100)]
Cleanup TZ backend API
Change-Id: Id0042379e7a85d6960609f7efad3dbe7483eeaf1
Krzysztof Jackiewicz [Thu, 9 Feb 2023 08:55:08 +0000 (09:55 +0100)]
Keep the backend id in GObj
This is necessary for key derivation & wrapping, when one object
creates another.
Update SW and TZ backend.
Change-Id: I898b75b0cc093414d089ed4130827571d592315f
Krzysztof Jackiewicz [Thu, 23 Feb 2023 08:47:44 +0000 (09:47 +0100)]
Allow saving unexportable data
Now it makes sense as such data can be used for key derivation.
Change-Id: Ie8db9cca5b83831045dce45cfadde8215c79a608
Krzysztof Jackiewicz [Mon, 20 Feb 2023 07:53:36 +0000 (08:53 +0100)]
Fix the forgotten scheme-test
Make the test properly handle key migration.
Change-Id: Id1e468b1da807d52f6054ee7d0edb9c0472264fd
Krzysztof Jackiewicz [Fri, 17 Feb 2023 20:13:46 +0000 (21:13 +0100)]
Fix decryption with unexpected password
Passing a password when a row was not additionally encrypted with one
did not fail as it should. Make it do so.
Change-Id: Ifd84cca1b55c67ef7e5b470cc42bb4efac6a0703
Krzysztof Jackiewicz [Thu, 16 Feb 2023 11:09:20 +0000 (12:09 +0100)]
Derivation API extension
Allows configuration of the following KBKDF parameters:
- counter location,
- fixed input or label + context,
- length of counter representation,
- length of length suffix representation,
- existence of length suffix,
- existence of zero octet separator.
Change-Id: I685e4f38d28c4bc0a9d79fd6fbbd9da870534be8
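The parameters listed above are the knobs of the NIST SP 800-108 counter-mode KBKDF that the "Custom KBKDF HMAC implementation" commit describes. The following is an added, stand-alone Python illustration of that construction (not key-manager's own code, which is C++ over openssl1.1 HMAC); the parameter names and the rule that an explicit fixed input is used verbatim are this example's assumptions.

```python
import hashlib
import hmac

# Counter placement relative to the fixed input data.
BEFORE_FIXED = "before"   # [i] || fixed input  (the layout openssl3.0 ships)
AFTER_FIXED = "after"     # fixed input || [i]


def kbkdf_counter_hmac(key, out_len, digest="sha256", label=b"", context=b"",
                       fixed_input=None, counter_location=BEFORE_FIXED,
                       counter_len=4, use_separator=True, use_length=True,
                       length_len=4):
    """Derive out_len bytes with KBKDF in counter mode, PRF = HMAC-<digest>.

    K(i) = HMAC(key, [i]_counter_len || fixed)   (or fixed || [i]_counter_len)

    The fixed input is either supplied verbatim via fixed_input (this
    example's assumption: separator and length suffix are then the caller's
    business, as in the NIST CAVP vectors) or assembled as
    label || 0x00 || context || [L]_length_len, where the 0x00 separator and
    the bit-length suffix L are individually optional.
    """
    if fixed_input is None:
        fixed = bytes(label)
        if use_separator:
            fixed += b"\x00"
        fixed += bytes(context)
        if use_length:
            fixed += (out_len * 8).to_bytes(length_len, "big")  # L in bits
    else:
        fixed = bytes(fixed_input)

    prf_len = hashlib.new(digest).digest_size
    n = -(-out_len // prf_len)               # ceil(L / h), number of PRF calls
    if n > (1 << (8 * counter_len)) - 1:     # SP 800-108: n <= 2^r - 1
        raise ValueError("output length needs more counter values than "
                         "a %d-byte counter can represent" % counter_len)

    out = bytearray()
    for i in range(1, n + 1):
        ctr = i.to_bytes(counter_len, "big")
        data = ctr + fixed if counter_location == BEFORE_FIXED else fixed + ctr
        out += hmac.new(key, data, digest).digest()
    return bytes(out[:out_len])


def derive_session_keys(shared_secret):
    """Constructed usage: split one ECDH-style secret into two keys by
    varying only the label, so the two outputs are independent."""
    enc_key = kbkdf_counter_hmac(shared_secret, 32, label=b"enc", context=b"ctx")
    mac_key = kbkdf_counter_hmac(shared_secret, 32, label=b"mac", context=b"ctx")
    return enc_key, mac_key


if __name__ == "__main__":
    # Constructed sample secret; real input would come from key agreement.
    secret = bytes(range(32))
    enc_key, mac_key = derive_session_keys(secret)
    print("enc:", enc_key.hex())
    print("mac:", mac_key.hex())
```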
Krzysztof Jackiewicz [Thu, 12 Jan 2023 18:29:47 +0000 (19:29 +0100)]
E2EE API draft
- Key wrapping API
- Key agreement/derivation API
- Updated encryption API doc
Change-Id: Iaa7add5cf102679aa8ad9464fcbea38d52cf9c3f
Krzysztof Jackiewicz [Wed, 8 Feb 2023 09:27:14 +0000 (10:27 +0100)]
Remove unnecessary helpers from CkmLogic
Change-Id: I32df8f2f0f17b22e2d72ac99708e79f7b8ebde81
Krzysztof Jackiewicz [Mon, 6 Feb 2023 08:50:25 +0000 (09:50 +0100)]
Unify CKMLogic methods and fix PKCS12 support
Add helper functions for frequently repeated code (input parameter
checks, database selection, permission checks, hash calculation,
transaction start)
The fixed object Id is calculated from uid, pkg_id & alias. PKCS12
components are stored under a common alias differing only by type. As a
result, all PKCS12 components are saved with an identical object id which
may lead to conflicts.
For PKCS12 add type information as hash function input.
Change-Id: Id54c5eb4e0ad5b3521f2661df64619316cf4a9ea
Krzysztof Jackiewicz [Thu, 9 Feb 2023 14:34:03 +0000 (15:34 +0100)]
Fix indentation
Change-Id: Ic98aea95c673fb94dc022eee9cac66fc4d1a5b9e
Krzysztof Jackiewicz [Mon, 6 Feb 2023 09:28:36 +0000 (10:28 +0100)]
Unify app key loading
Change-Id: Ic10c86c01fd71311477a1695fb9a5e3d60ca1f54
Krzysztof Jackiewicz [Fri, 3 Feb 2023 12:11:15 +0000 (13:11 +0100)]
Simplify explicit to effective owner translation
Change-Id: Iaae22210f7d08c4973d779f8330f4abb6f1f1c73
Krzysztof Jackiewicz [Fri, 3 Feb 2023 09:23:12 +0000 (10:23 +0100)]
Pass proper owner to hashing function
Explicit owner may be empty. In such case the default owner value
should be taken from user's credentials.
Change-Id: I59dc0d421975bc7b329a609ebddc35420cea446c
Krzysztof Jackiewicz [Fri, 3 Feb 2023 09:05:55 +0000 (10:05 +0100)]
Move system db owner check to AccessControl
Change-Id: I28daefd12f0492a93b63f66c11b0a6fdda9d302d
Krzysztof Jackiewicz [Fri, 3 Feb 2023 07:27:56 +0000 (08:27 +0100)]
Fix indentation
Change-Id: I1f4e3d3c0c3ec9d4d7da436979236e177ad86c6a
Krzysztof Jackiewicz [Wed, 1 Feb 2023 15:30:21 +0000 (16:30 +0100)]
SW backend API cleanup
Get rid of unnecessary "virtual" specifiers.
Use "override" instead.
Remove unnecessary destructors.
Change-Id: Ide0892647acee5fe2046653d6e65bfa09b2fbe01
Krzysztof Jackiewicz [Tue, 11 Oct 2022 15:42:57 +0000 (17:42 +0200)]
Add more KeyProvider tests
This includes tests for newly added key format and migration.
Change-Id: I852fa672ad39599dc89ac3a7b334c7e914c71bde
Krzysztof Jackiewicz [Wed, 5 Oct 2022 13:51:33 +0000 (15:51 +0200)]
Refactor KeyProvider
Apply modifications while keeping key file format and encryption scheme
unchanged:
* Remove unused code
* Deduplicate code
* Unify key naming
* Simplify structures keeping various forms of keys and their metadata
* Update tests
Change-Id: I38caceb6c38bfecbdbbb290df39042ba7b17b394
isaac2.lee [Thu, 6 Oct 2022 01:17:12 +0000 (10:17 +0900)]
add debug log and fix a bug
Change-Id: I35d284cb29ec3bfe53500f4473994ed5c8217e61
Dongsun Lee [Wed, 5 Oct 2022 10:07:05 +0000 (19:07 +0900)]
Release 0.1.47
* add the se-backend for db encryption
Change-Id: Id0c036cb08a11215e74be5e6bb2343785fd6bc93
이이삭/System Security Lab(SR)/삼성전자 [Wed, 5 Oct 2022 07:10:38 +0000 (16:10 +0900)]
add the se-backend for db encryption
* add the se-backend for db encryption
* change se-backend include dependency and remove the unavailable code
* remove migration DBDEK and rearrange KeyProvider structures
Change-Id: I52e07ac5af7b41d0f79b7fee818221f25b1d60cd
Krzysztof Jackiewicz [Mon, 26 Sep 2022 14:28:11 +0000 (16:28 +0200)]
Release 0.1.46
* Fix encryption request handling
* Add Samsung's Analysis Hub service configuration
* Remove unused sec_build_binary_debug_enable build macro
Change-Id: I909ddd67218797199f44d35582d20fb77e47f9ef
Krzysztof Jackiewicz [Mon, 26 Sep 2022 10:47:24 +0000 (12:47 +0200)]
Fix encryption request handling
The key used in m_requestMap is not unique which may lead to errors when
requests from multiple clients are processed.
Use a separate request counter as the key.
Change-Id: Iffbf0a3c43ea0c091eb3d714ef0a77211f9b3a78
Tomasz Swierczek [Wed, 21 Sep 2022 10:30:25 +0000 (12:30 +0200)]
Add Samsung's Analysis Hub service configuration
Configuration allows skipping sqlcipher.c file,
which is external open source, from static analysis.
Change-Id: Ia1ed85e403c8feefdfe659018b660af5dbe27daa
Dariusz Michaluk [Thu, 25 Nov 2021 10:46:28 +0000 (11:46 +0100)]
Remove unused sec_build_binary_debug_enable build macro
Change-Id: I3fc241eabb7ba6b8f737149f99410da0af028953
Tomasz Swierczek [Tue, 27 Jul 2021 06:39:17 +0000 (08:39 +0200)]
Release 0.1.45
* Deprecate ckmc_ocsp_check API
Change-Id: I248a647047782f6a7f403cd51b3c9b76152936b0
Tomasz Swierczek [Tue, 27 Jul 2021 06:01:47 +0000 (08:01 +0200)]
Deprecate ckmc_ocsp_check API
OCSP test certificate management is problematic, and Tizen platform
has another ocsp API in OpenSSL which can be officially recommended.
Change-Id: Ifc115c300e79a64b65361deaa848ee396e654240
Michał Szaknis [Mon, 28 Jun 2021 12:22:49 +0000 (14:22 +0200)]
Release 0.1.44
* Use fixed object ID in TZ backend
* Add more tests to increase coverage
Change-Id: I989df7e1b5b8c9f783014b40b4eb700c263d1cd3
Michał Szaknis [Wed, 21 Apr 2021 15:28:08 +0000 (17:28 +0200)]
Use fixed object ID in TZ backend
Calculate the object ID as a hash of credentials and alias instead of
using a random ID.
Change-Id: Ice164d6f8eda9acd157c4d74f47d45fef49f6ddc
Michał Szaknis [Fri, 21 May 2021 14:17:20 +0000 (16:17 +0200)]
Add tests for `try_catch` and `try_catch_enclosure`
Change-Id: If74b22ad53961a32c75d3d7feae48f2a41d09508
Michał Szaknis [Fri, 21 May 2021 08:18:35 +0000 (10:18 +0200)]
Add tests for ckmc-type-converter.cpp
Change-Id: Idd90ad6f954ec491d718b955bea2f43624986160
Michał Szaknis [Thu, 20 May 2021 15:16:14 +0000 (17:16 +0200)]
Add tests for AliasSupport class
Change-Id: I509160e10ca4ac00418d3ee408c32915c6aa5511
Michał Szaknis [Thu, 20 May 2021 10:30:06 +0000 (12:30 +0200)]
Add test to xml-utils.cpp
Change-Id: I74c1130c20245ade53dbb86c72e38528409be23f
Krzysztof Jackiewicz [Thu, 13 May 2021 13:34:32 +0000 (15:34 +0200)]
Release 0.1.43
* Open legacy db in R/W mode
* Fix coverage generation in rpm 4.14.1
* Suppress TEEC deprecated declarations warnings
* Remove unnecessary cast to double in db perf test
Change-Id: I44b581084930e2253ea3112e362733f47a0c9479
Krzysztof Jackiewicz [Thu, 13 May 2021 12:53:32 +0000 (14:53 +0200)]
Open legacy db in R/W mode
If due to a failure during previous transaction a rollback journal is
generated, the original legacy database has to be restored to the
original state before it can be dumped. However, it can't be done
unless the database is opened in R/W mode.
Change-Id: Icc455f4e820a5be8b0628e95895680e9cbb14eb6
Tomasz Swierczek [Wed, 3 Mar 2021 13:56:26 +0000 (14:56 +0100)]
Fix coverage generation in rpm 4.14.1
Debug source package directories now have different names.
Change-Id: I40f13e79fc90569b9f2f8d03a5a03c3759186363
Dariusz Michaluk [Thu, 18 Feb 2021 12:16:28 +0000 (13:16 +0100)]
Suppress TEEC deprecated declarations warnings
Change-Id: Iaaf6d24ceef6f981398f6c780f41c420555ee191
Krzysztof Jackiewicz [Thu, 18 Feb 2021 09:43:19 +0000 (10:43 +0100)]
Remove unnecessary cast to double in db perf test
Change-Id: I7ef26e137010f303c378cb135404a39bf13ec181
Tomasz Swierczek [Tue, 9 Feb 2021 10:03:25 +0000 (11:03 +0100)]
Release 0.1.42
* Updated to match recent systemd changes
Change-Id: I053812d12e9ae4fce5664def0d8bf8adde9f379e
INSUN PYO [Tue, 2 Feb 2021 08:57:32 +0000 (17:57 +0900)]
Change systemd-devel package name
Change-Id: Ia1df8a4567c2f72ef1777bd70b831220fce0b0a4
Krzysztof Jackiewicz [Wed, 3 Feb 2021 13:31:31 +0000 (14:31 +0100)]
Release 0.1.41
* Remove useless socket description timeout initialization
* Check sockets received from services
* Cynara socket tests
* Make SocketDescription getters const
* Validate cynara sockets
* Refrain from retrying close(int) (per man 2 close)
* Catch exceptions before returning to cynara
* Use eventfd instead of pipes for notifications
* Add randomized socket manager stress test
* Prevent writing to a socket marked as closed
* Refactor SocketManager's timeout queue
* Add timeout queue stress test
* Add check for connection counter in the server
* Start SocketManager as not working
Change-Id: I40682e7d061bbc4e522b1193b328e81abbe6e8e9
Krzysztof Jackiewicz [Tue, 2 Feb 2021 10:09:00 +0000 (11:09 +0100)]
Remove useless socket description timeout initialization
* Socket description vector uses raw monotonic clock for timeouts.
* Not all sockets use timeouts.
* Those that do are initialized at a later stage.
Change-Id: Ifd9ce8c29882fc9f8cf8752a0dbd0a72b953b8f3
Krzysztof Jackiewicz [Tue, 2 Feb 2021 10:07:42 +0000 (11:07 +0100)]
Check sockets received from services
Change-Id: Ibb4b79a9e4e1c36223409c695c58c40f695e538c
Krzysztof Jackiewicz [Mon, 25 Jan 2021 09:40:58 +0000 (10:40 +0100)]
Cynara socket tests
Change-Id: I6615bf57b4a0a8bde39c14a7f82d21b000c52286
Krzysztof Jackiewicz [Mon, 25 Jan 2021 15:01:56 +0000 (16:01 +0100)]
Make SocketDescription getters const
Change-Id: Ide41dc35598b423f8dac320b02b136b17a21c3cf
Krzysztof Jackiewicz [Mon, 25 Jan 2021 08:09:05 +0000 (09:09 +0100)]
Validate cynara sockets
Socket descriptors received from cynara are not validated which may lead
to:
- m_socketDescriptionVector buffer overflow/UB
- reuse of already opened descriptors for cynara
- growing m_socketDescriptionVector
- closure of descriptors used by other parts of code
- more than one cynara socket opened at the same time
Change-Id: I5c6cd521fbde2a461f24e175571b74885d163b50
Konrad Lipinski [Fri, 29 Jan 2021 15:58:37 +0000 (15:58 +0000)]
Merge "Catch exceptions before returning to cynara" into tizen
Konrad Lipinski [Tue, 26 Jan 2021 09:09:17 +0000 (10:09 +0100)]
Refrain from retrying close(int) (per man 2 close)
Change-Id: I3343546c8aa2590e0147b89dc3c336d5e47a2d07
Krzysztof Jackiewicz [Mon, 25 Jan 2021 08:07:44 +0000 (09:07 +0100)]
Catch exceptions before returning to cynara
Callbacks registered in cynara may throw. Let's not propagate exceptions
to cynara.
Change-Id: Idc3bec6208495d0bfdb4d41c3ea0451352c9715b
Krzysztof Jackiewicz [Thu, 21 Jan 2021 12:10:45 +0000 (13:10 +0100)]
Use eventfd instead of pipes for notifications
The kernel overhead of an eventfd file descriptor is much lower than
that of a pipe, and only one file descriptor is required.
Change-Id: Ie6d04d1ea8125190c35e1ef1655f517406eff807
Krzysztof Jackiewicz [Thu, 14 Jan 2021 20:35:46 +0000 (21:35 +0100)]
Add randomized socket manager stress test
Registers several test services in the manager.
In a loop:
* Selects a random service
* Selects a random action:
* Create a new connection
* Disconnect a random existing connection
* Send random data through a random connection
* Try to receive data from a random connection
Change-Id: Id208e3a6ffbd1db82cd3389ba72bd0ff998d7c61
Krzysztof Jackiewicz [Thu, 14 Jan 2021 12:54:15 +0000 (13:54 +0100)]
Prevent writing to a socket marked as closed
It is possible that select() marks a descriptor as ready for both read
and write operation. If, additionally, the socket becomes closed in
ReadyForRead(), the following call to ReadyForWrite() will attempt to
write to a closed socket. It is harmless, unless the closed descriptor
is already reused by another thread at the time of write().
This commit prevents it.
Change-Id: Idaa829ef74d6df9f24c263f289aeca910b679713
Krzysztof Jackiewicz [Wed, 13 Jan 2021 09:40:17 +0000 (10:40 +0100)]
Refactor SocketManager's timeout queue
SocketManager changes:
* Remove timeout queue elements on socket closure. Until now it was
possible to make the timeout queue grow because its elements were not
removed upon socket closure.
* The queue now contains only socket numbers of corresponding
m_socketDescriptionVector elements. The code responsible for timeout
updates in the queue is no longer necessary and has been removed.
* Modify the timeout queue only if corresponding socket has a timeout
enabled.
* Remove unnecessary 'open' and 'timeout' socket flag check if a
timeout occurs. Only the main thread modifies these flags. If there's
a timeout, it must have been triggered by an opened socket with
timeout enabled.
Growing queue test changes:
* Compare timeout queue size and connection count in the SocketManager
thread.
* Assume that the first AcceptEvent is triggered by the most recent
connection attempt.
* Match client and server sockets to properly detect CloseEvents.
* Add more stress to the test with more initial connections.
* Throw std exceptions from SocketManager thread.
* Wrap SocketManager thread in an object. Check a possible exception in
the destructor.
* Get rid of unnecessary timeouts.
Change-Id: Icd63696a58c4ef6a66c2e487819423df610ca580
Krzysztof Jackiewicz [Tue, 12 Jan 2021 11:37:18 +0000 (12:37 +0100)]
Add timeout queue stress test
While one socket connection is active and its timeout not reached yet,
we can open and close many new connections, which will push items on
SocketManager::m_timeoutQueue. Because the first socket has the earliest
timeout, the second connection's elements won't be touched. Because
m_timeoutQueue elements are not removed on socket close, the queue will
grow. Still nothing bad should happen.
Change-Id: Ied20d2e1517ad471e465c6fa601e368469a4cc37
Krzysztof Jackiewicz [Tue, 12 Jan 2021 11:30:01 +0000 (12:30 +0100)]
Add check for connection counter in the server
This is just a precaution targeted more at stress tests rather than
regular key-manager usage.
Also remove unused ConnectionID operator.
Change-Id: I090b7bd29594d8a47cc4142a7713ccfb4c9b121e
Krzysztof Jackiewicz [Tue, 12 Jan 2021 11:33:53 +0000 (12:33 +0100)]
Start SocketManager as not working
The m_working flag should be set to true only inside MainLoop().
Change-Id: I47138d2036ff87712b4b5ac4b4df385917cd866b
Dariusz Michaluk [Fri, 8 Jan 2021 16:31:00 +0000 (17:31 +0100)]
Release 0.1.40
* packaging: rpm scriptlet cleanup, handle -p /sbin/ldconfig
* Use memcpy to avoid unaligned access
* Make IEncryptionService destructor protected
Change-Id: Id6c04467097f0a89c58403c5e824d8b2d0a35aea
Dariusz Michaluk [Fri, 8 Jan 2021 13:52:19 +0000 (14:52 +0100)]
packaging: rpm scriptlet cleanup, handle -p /sbin/ldconfig
The RPM documentation indicates that during an rpm install or erase, the
script(lets): %post, %preun, and %postun (and %pre, %build, %install,
etc.) are copied to a temp file, and then the temp file is run as a
(/bin/sh or bash) script.
Unfortunately the documentation is not clear about how rpmbuild and/or
rpm determine where the end of any scriptlet is when it is copied to
the file.
Most things in the key-manager.spec work correctly as is. These are the
%preun, %post, and %postun scriptlets that are "closed" by a following
%preun, %post, and %postun, or potentially another scriptlet, e.g.
%file.
The ones that don't work correctly (only one actually) are those where
there is a comment in the spec file before it is closed by another
scriptlet. Further complicating things is that the type of scriptlet
affects what rpm does and what `rpm -qp --scripts ...` shows.
The specific one that didn't work was the
"postun -n libkey-manager-client -p /sbin/ldconfig" scriptlet.
It is followed by a comment before being "closed" by the %files section (or
scriptlet). It can be written two ways:
"%postun -n libkey-manager-client\n/sbin/ldconfig"
or "%postun -n libkey-manager-client -p /sbin/ldconfig".
Either way it's written, `rpm -qp --scripts libkey-manager-client...`
will include the comment lines between the %postun line and the following %files line.
But the way rpm executes these depends on how they're written. If
written as "%postun -n libkey-manager-client\n/sbin/ldconfig" rpm will simply run
/sbin/ldconfig with no command line options, i.e.
execve ("/sbin/ldconfig", [ "/sbin/ldconfig" ], [ ]);
But when written as "%postun -n libkey-manager-client -p /sbin/ldconfig",
it will copy the comment lines to a temp file, and pass the temp file name and "1"
as (command line) parameters, i.e.
execve ("/sbin/ldconfig", [ "/sbin/ldconfig", "/tmp/tmpXXXXXX", "1" ],
[ ]);
This results in ldconfig exiting with an error. (Remember, both ways show
the comment in `rpm -qp --scripts ...`)
The problematic comment line was removed and the whole file's comment style was adjusted.
Additionally some cleanup was performed.
Change-Id: I966f0930d7a7b46b401f399aaf2e5c748edc0a1f
Krzysztof Jackiewicz [Mon, 4 Jan 2021 13:56:28 +0000 (14:56 +0100)]
Use memcpy to avoid unaligned access
Casting unsigned char* to signalfd_siginfo* may cause an unaligned
access (see -Wcast-align). Use memcpy to avoid it.
Verify by sending SIGTERM to key-manager, observing the logs and
systemctl status. The service should stop without errors.
systemctl start central-key-manager
kill -SIGTERM `pidof key-manager`
systemctl status central-key-manager
Change-Id: I061cc2f488cba9252ed65b0d8ca22840f725a433
Krzysztof Jackiewicz [Mon, 4 Jan 2021 09:01:30 +0000 (10:01 +0100)]
Make IEncryptionService destructor protected
The implicitly-defined destructor is non-virtual and public. We don't
want the EncryptionService to be destroyed via IEncryptionService.
Change-Id: Iaf2b180cdd4f60a4f20cc1c9e1d593dcd1c1f220
Tomasz Swierczek [Wed, 16 Dec 2020 11:11:27 +0000 (12:11 +0100)]
Release 0.1.39
* Replace sqlcipher with upstream 4.4.2
* Unit tests improvements
* Small fixes
Change-Id: I94a213c7b122c0867915c38c14ebb25db1258420
Tomasz Swierczek [Fri, 11 Dec 2020 14:28:51 +0000 (15:28 +0100)]
Change DB access credentials variable name
Change-Id: I8aa5a80fc082049dda9697b3b648a53e351b1a0b
Dariusz Michaluk [Tue, 8 Dec 2020 15:24:46 +0000 (16:24 +0100)]
Upgrade to sqlcipher 4.4.2
Change-Id: I7ca21a3c9ce5618463173ed444c73d6361f405d8
Dariusz Michaluk [Tue, 8 Dec 2020 14:57:43 +0000 (15:57 +0100)]
[NOT COMPILING] Replace sqlcipher with upstream 4.4.2
Change-Id: I6afb8cb44fb932ff01d1a29877717f909e178948
Krzysztof Jackiewicz [Fri, 4 Dec 2020 15:58:12 +0000 (16:58 +0100)]
Fix UB in LogSystem
Passing NULL to the std::string constructor is undefined behavior.
Check values returned from getenv() to avoid passing NULL to
std::string constructor. Use std::string when appropriate.
Update unit tests.
Change-Id: I56dd60f432c8e6e6033e9674601ced0b6432fc28
Krzysztof Jackiewicz [Wed, 2 Dec 2020 17:07:09 +0000 (18:07 +0100)]
Fix negative CBC decryption test
There's a high chance that the padding ^ 0x1 will produce a 0x01
trailing byte which happens to be a valid padding. In such case make
sure that the length of the decrypted data is different.
Change-Id: I60b7f9e708d850c49dbddbdda64ff178d730b4f7
Dariusz Michaluk [Mon, 7 Sep 2020 16:16:17 +0000 (18:16 +0200)]
Automate code coverage measurement - adjustment
To gather unit tests coverage report:
- use COVERAGE build_type,
- install key-manager-coverage rpm,
- run key-manager-coverage.sh script.
Change-Id: I6d2efd2bcec79a37a45ed56ca9efa148de13be4e
Mateusz Cegielka [Mon, 5 Oct 2020 15:18:13 +0000 (17:18 +0200)]
Fix misplaced parentheses in error code comparison
Some newer SVACE version I happened to run locally detected misplaced
parentheses here. Fortunately, this would only result in returning a
wrong error code and not ignoring the error.
I have fixed the mistake, also removing the use of an assignment in an
if statement because there is no reason to do so.
Change-Id: I441e882ffbd484b6a7ec47eeaf5999b5e7992cd7
Konrad Lipinski [Thu, 3 Sep 2020 17:29:58 +0000 (19:29 +0200)]
Make custom unique_ptr deleters stateless
Change-Id: Ic82b018c4c9c0ca3d3e10f1f9a0b3632aa79d670
Konrad Lipinski [Wed, 16 Sep 2020 12:42:23 +0000 (14:42 +0200)]
Constrain async tryCatch to Observer::ReceivedError
Change-Id: I360bc2a70aafa7436f4b7a7f4917c26d32a10e13
Konrad Lipinski [Thu, 3 Sep 2020 16:19:46 +0000 (18:19 +0200)]
Shrink ManagerAsync::Impl code
Change-Id: I84d18c8e965c2a430332b9a6b55d95f48ae707eb
Konrad Lipinski [Wed, 2 Sep 2020 17:55:07 +0000 (19:55 +0200)]
Deduplicate exception handling in CKMLogic a wee bit
Change-Id: I330fc80d01393a7709fb3b4c05c563de96681e66
Konrad Lipinski [Wed, 2 Sep 2020 16:18:05 +0000 (18:18 +0200)]
Turn some CKMLogic members into free functions
Change-Id: I4748050fb0476d0406c5b0ea117f0bc579522d10
Konrad Lipinski [Wed, 2 Sep 2020 15:30:02 +0000 (17:30 +0200)]
Shrink client manager impl a bit
Change-Id: I766a79b2504b0d564db4b4b3811fcd8a176001af
Konrad Lipinski [Fri, 28 Aug 2020 17:25:28 +0000 (19:25 +0200)]
Refactor ocspDoVerify a bit
Change-Id: I717cf06ff6a7cbb34b12349ee305f19d2bab0deb
Konrad Lipinski [Fri, 28 Aug 2020 11:56:08 +0000 (13:56 +0200)]
Shrink ocsp.h to a single free function
Change-Id: I36188ddfa3c0678a1a53fad6b4048cfaa6e9afdb
Konrad Lipinski [Thu, 27 Aug 2020 18:29:24 +0000 (20:29 +0200)]
Deduplicate client manager impl de/serialization
Change-Id: Iddcc5b42250584b7bed73a8ab6f64e0b61bd3520
Konrad Lipinski [Wed, 16 Sep 2020 10:56:09 +0000 (12:56 +0200)]
Forward retCode in alias vector getters
Change-Id: I16c94d941ed145fa93de359327bc6c8717578d89